Origin Roastery

Privacy Policy

Last updated: January 15, 2025

At Origin Roastery, we are committed to protecting your privacy and personal data in accordance with the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021) and international best practices including GDPR where applicable.

Information We Collect

Personal Information:

  • Name and contact information (email, phone number, address)
  • Account credentials (username, encrypted password)
  • Delivery addresses and preferences
  • Payment information (processed securely by Stripe)
  • Order history and preferences

Automatically Collected Data:

  • Device and browser information
  • IP address and location data
  • Cookies and similar tracking technologies
  • Website usage patterns and preferences

How We Use Your Information

  • Processing and fulfilling your orders
  • Managing your account and subscriptions
  • Communicating with you about orders, updates, and promotions
  • Improving our products and services
  • Preventing fraud and ensuring security
  • Complying with legal obligations
  • Analyzing website usage and customer preferences

Data Security

We implement industry-standard security measures to protect your personal information:

  • SSL/TLS encryption for data transmission
  • Secure payment processing through Stripe
  • Regular security audits and updates
  • Access controls and authentication
  • Encrypted data storage
  • Employee training on data protection

⚠️ Note: While we implement robust security measures, no method of transmission over the internet is 100% secure. We continuously work to improve our security practices.

Sharing Your Information

We do not sell your personal information. We may share your data with:

Service Providers:

Payment processors (Stripe), shipping companies, email services, and analytics providers who help us operate our business.

Legal Requirements:

When required by law, court order, or government regulations in the UAE.

Business Transfers:

In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new entity.

Your Rights Under UAE PDPL

Under UAE data protection law, you have the following rights:

Access

Request a copy of your personal data we hold

Correction

Update or correct inaccurate information

Deletion

Request deletion of your personal data

Portability

Receive your data in a portable format

Withdrawal

Withdraw consent for data processing

Object

Object to processing of your personal data

To exercise any of these rights, please contact us using the information provided below.

Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your browsing experience:

  • 🔧 Essential Cookies: Required for website functionality
  • 📊 Performance Cookies: Help us understand how visitors use our site
  • ⚙️ Functional Cookies: Remember your preferences and settings
  • 📢 Marketing Cookies: Deliver relevant advertisements (with your consent)

You can control cookies through your browser settings. Note that disabling certain cookies may affect website functionality.

Data Retention

We retain your personal data only as long as necessary for the purposes outlined in this policy or as required by UAE law (5 years for compliance):

  • Account information: Duration of account + 5 years (UAE compliance)
  • Order history: 5 years (UAE commercial record-keeping requirements)
  • Marketing data: Until consent is withdrawn
  • Website analytics: 2 years

Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, please contact us immediately.

International Data Transfers

Your data is primarily stored and processed in the UAE. Some service providers may process data in other countries. We ensure appropriate safeguards are in place for international transfers in compliance with UAE PDPL.

Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes via email or prominent website notice. The "Last Updated" date at the top indicates the most recent revision.

Contact Us

For questions about this Privacy Policy or to exercise your data protection rights, please contact:

Origin Roastery

originroastery@proton.me

+971 XX XXX XXXX (placeholder)

[To be provided by client]

You also have the right to lodge a complaint with the UAE Data Office if you believe your data protection rights have been violated.

This Privacy Policy is designed to comply with UAE Federal Decree-Law No. 45 of 2021 (Personal Data Protection Law) and international standards including GDPR where applicable.